Abstract

This presentation describes extraction and integration of requirements information and safety information in 
visualizations to support early review of completeness, correctness, and consistency of lengthy and diverse system 
safety analyses. Software tools have been developed and extended to perform the following tasks: 1) extract model 
parts and safety information from text in interface requirements documents, failure modes and effects analyses and 
hazard reports; 2) map and integrate the information to develop system architecture models and visualizations for 
safety analysts; and 3) provide model output to support virtual system integration testing. This presentation 
illustrates the methods and products with a rocket motor initiation case. 
Essential Early Safety Reviews


• Requirements and design problems are the 
source of most operational software defects 

- System integration, interfaces, failures and hazard 
causes 

• Analysis of information for Preliminary Design 
Review (PDR) is needed 



System Integration Operations and Stresses 
Integrated Review of Scattered Information


• Need: Efficient system safety reviews of 
large sets of contractor documents 

- Make short-fuse reviews of requirements, 
safety analyses and plans manageable 

- Integrate key information from diverse 
uncoordinated and evolving documents 

• Interface Requirements Documents (IRD) 

• Failure Modes and Effects Analysis (FMEA) 

• Hazard Reports (HR) 

• Fault Detection, Isolation and Response (FDIR) 
Automated Modeling Solution



Model Graph 


Connection Description Pop up from Arrow 


Models constructed from information extracted from text documents 

Visualizations for integrated insight into information scattered in 
large documents 

Output files and reports for model reuse in virtual testing and 
analysis for FDIR design 
NASA Application Cases


Constellation Program (CxP) CEV cases 

- Launch Abort System (LAS) with focus on 
Ordnance 

- Crew Module (CM) 

- Service Module (SM) Propulsion

Useful in other aerospace projects where 
safety engineers perform early reviews of 
contractor products 

- FMEAs, Hazard Reports, safety requirements 
NASA Automated Modeling Tools


• Semantic Text Analysis Tool (STAT) 

- Parsing and information extraction from text to XML 

- Multiple information types and document types 

• Hazard Identification Tool (HIT) 

- Model construction and visualization 

- Component-connection models and visualizations 

- Analyses of redundancy, dependencies, linkages 

• Output for further modeling and analysis 

- Information from FMEAs and Hazard Reports for FDIR 

- Virtual System Integration Lab (VSIL) simulator 
STAT Linguistic Text Extraction


• Powerful linguistic tagger and extractor 

- Advanced natural language processing
- Extensive aerospace nomenclature 

• Extractions for models 


Document       | Section                                        | Model Information
FMEA           | Front matter section                           | System hierarchy
FMEA           | Worksheet hierarchy section                    | System hierarchy
FMEA           | Worksheet: Item Function                       | Components, connections
FMEA           | Worksheet: Failure modes and Causes            | Failure mode descriptions; Cause descriptions
Hazard Report  | Cause Descriptions, Cause Control Descriptions | Component types; Controls
IRD            | Interface requirements                         | Components, connections
All Documents  | Acronym Section                                | Acronyms
All Documents  | Titles, identifiers                            | Traceability Information
HIT Automated Model Construction


Text extractions -> Models -> Visualizations -> Analysis

Tree Display: Orion and Subsystems in Model

- Orion+Subsystems
  - CEV
    ♦ CM
    - LAS
      ♦ Avionics
      ♦ BPC
      ♦ GN&C
      ♦ Ordnance
      ♦ Propulsion
      ♦ Structures & Mechanisms
    ♦ SM

Graph Display: Redundant Components and Paths
HIT Models for Review and Reuse


Integrated review of multiple FMEAs 

- Completeness, duplication, consistency and 
redundant components and paths 

- Compare versions and re-analyze 

- Upstream and downstream dependency paths 

Review of FMEAs and Hazard Reports that are 
related to the same components 

Reuse of model information 

- Models and failure modes for simulation tests 

- Output information for fault analysis and FDIR design 
Source Information Pop-ups


• Click on components and connections to pop up 
FMEA and Hazard Report Information 


Highlighting shows components with Hazard Report references.

[Model graph: Initiator-1 -> Igniter-1 and Initiator-2 -> Igniter-2, both feeding the Rocket Motor]



Pop-up for the Initiators component (FMEA):

DOCUMENT TITLE: LAS FMEA
Initiators - FMEA
FMEA-00001
Item Function: The initiators provide initiation energy to the rocket motor igniter.
Failure Mode 1, Criticality: 1 - Failure of initiator

Pop-up for the Initiator - Igniter connection:

documenttitle: LAS FMEA, FMEA-0001
Type of thing sent: Energy_or_Power
Source Text: The initiators shall provide initiation energy to the rocket motor igniter.

Pop-up for the Initiators component (Hazard Report):

Initiators - Hazard Report
Hazard Report References for components of type Initiator
HR Number: LAS-FLT-00001
HR Title: Failure to Function Rocket Motor Results in Loss of Vehicle Control
Cause F: Igniter Failure
  Cause Description ...
  Effect(s) ...
  Control(s)
    Bullet 1: Design. The igniter shall be designed to properly function upon receiving initiator stimulus.
    Verification(s) ...
Cause G: Inadequate motor performance
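As an added illustration, not STAT or HIT code (those are Perl and LISP), the sketch below builds the initiator/igniter/rocket-motor component-connection model shown in the pop-ups from constructed "shall provide ... to ..." sentences and runs two of the review checks the HIT slides describe: same-type components whose documented inputs and outputs disagree, and the paths to the rocket motor that the redundancy review looks at. Sentence wording and component names are assumed, and one sentence is deliberately omitted to stand in for a documentation gap.

```python
import re
from collections import defaultdict

# Constructed item-function sentences in the style of the LAS FMEA excerpt on
# this page (assumed wording). The Igniter-2 -> Rocket Motor sentence is left
# out on purpose to stand in for an omission in the documents.
SENTENCES = [
    "Initiator-1 shall provide initiation energy to Igniter-1.",
    "Initiator-2 shall provide initiation energy to Igniter-2.",
    "Igniter-1 shall provide ignition to Rocket Motor.",
]
# Only "<source> shall provide <thing sent> to <destination>." is parsed here;
# STAT's real tagger handles far more sentence forms.
CONNECTION = re.compile(r"^(?P<src>.+?) shall provide (?P<what>.+?) to (?P<dst>.+?)\.$")

def extract_connections(sentences):
    """(source, thing sent, destination, source text) per matching sentence."""
    matches = (CONNECTION.match(t) for t in sentences)
    return [(m["src"], m["what"], m["dst"], m.string) for m in matches if m]

def build_model(connections):
    """Component-connection model: what each component receives and sends."""
    model = defaultdict(lambda: {"inputs": [], "outputs": []})
    for src, what, dst, _text in connections:
        model[src]["outputs"].append((what, dst))
        model[dst]["inputs"].append((what, src))
    return dict(model)

def inconsistent_peers(model):
    """Components whose documented input/output kinds differ from same-type
    peers (Initiator-1 and Initiator-2 share the type Initiator)."""
    by_type = defaultdict(dict)
    for name, ports in model.items():
        kinds = (tuple(sorted(k for k, _ in ports["inputs"])),
                 tuple(sorted(k for k, _ in ports["outputs"])))
        by_type[re.sub(r"-\d+$", "", name)][name] = kinds
    return sorted(n for peers in by_type.values() if len(set(peers.values())) > 1 for n in peers)

def paths_to(model, target):
    """All paths from components with no documented inputs to target; fewer
    than two disjoint paths means the redundancy the HRs assume is undocumented."""
    def walk(node, path):
        if node == target:
            yield path
        for _, nxt in model[node]["outputs"]:
            if nxt not in path:
                yield from walk(nxt, path + [nxt])
    return [p for n, ports in model.items() if not ports["inputs"] for p in walk(n, [n])]
```

With the omitted sentence, Igniter-2 has no documented output and only one path reaches the Rocket Motor, which is exactly the kind of gap the graph display makes stand out.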
Model Reuse for Design and Test


• Automated generation of fault analysis spreadsheets
with HIT model information (from FMEAs and HRs)

- Progress in extending CxP functional fault analysis (FFA) 
spreadsheets with Hazard Report information 

• Triakis Virtual System Integration Lab simulator uses
HIT FMEA output to test flight software

- Automatic translation of HIT FMEA output into failure mode 
test framework files 

- Failure mode tests verify integrated system and software 

• Manifest component failures and record software response 

• Monitor the state of any simulated part or signals between parts 

- HIT displays link back to VSIL test results and methods, for 
analysis and review 
Links to Test Plans and Results


• Clicking on components brings up test plans and results. 



[Screenshot: generated failure mode test file opened in an editor]

//* File: FMEA 00‘1019.cpp
//* Description: This failure mode test file framework is automatically generated
//* by mapping the parsed FMEA xml file to the VSIL part domain.
//* Ted Bennett - Triakis Corporation - Wed Mar 17 17:02:06 2010

#include "stdafx.h"
#include <stdio.h>
Evaluations by Safety Engineers


• CEV avionics/software safety engineers - basis 
for a great leap in productivity of reviews 

- One-stop rapid integrated review 

• Thousands of documents for review were beyond human capabilities 

• Linking to specific information in the source documents makes the 
information easily accessible 

- Graph display makes key information stand out 

• Highlights missing or inconsistent information or terminology 

• Easy to see architecture and components that have no outputs or 
insufficient inputs, indicating omissions in design or documentation 

• Helps engineers check redundancy and review potential hazard paths 

- Engineers can trace from HRs to linked FMEAs, to find 
more detailed FMEA information for the HR 

• Essential but not possible before 
Software Technology Maturity


Technology Readiness Level 7: Prototypes 
that fully demonstrate operational and 
engineering feasibility 

- Prototype software with all key functionality 
should be available for demo and test 

• Distribution image and CEV models delivered to 
SMA on notebook computer 

- Prototype code should be relatively clean - 'tis

- Limited documentation should be available 

• User documentation and the Concept of 
Operations 
NASA-owned Prototypes


FY10 milestone: Tools on installation CD 

- Triakis COTS VSIL LAS simulator (C++) and
documentation will be delivered separately 

STAT implemented in Perl and open-source LISP

- Parsers: open-source Stanford and University 
of Central Florida 

- Aerospace nomenclature implemented in
Protege ontology 

HIT implemented in Allegro Common LISP 
Recommended Next Steps


• Another Aerospace Case 

- Safety engineers can use these tools to significantly 
increase productivity of reviews 

• Further evaluate feasibility of model reuse 

- Fault analysis and FDIR design spreadsheets 

- Virtual system integration testing for safety 

• Develop software tool products based on 
existing Concept of Operations and prototypes 

- Develop according to NPR 7150.2 

• Extend to assist developers of FMEAs and 
Hazard Reports, with evaluation and guidance 
Summary: Models Extracted from Text


• Coordinated data and documents are 
desirable, but virtually impossible 

• Integrated information for efficient safety 
review requires text extraction 

- Important information stands out 

- Details are a click away 

• Information for follow-on design and test 

- Model for virtual safety testing 

- Information output for FDIR design 